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* Claims labeled by a "*" are not being amended herein and are being provided for the 
convenience of the Examiner and Applicant. 



1. (Twice amended) A system on a server computer system, corfiprising: 

a communications engine for establishing a communipduons link with a client; 

security services coupled to the communications / £ngine for determining client 
privileges; / 

a web server for enabling the client to^select a service from a set of available 
services, the set of available services baaed on the client privileges: 

a [servlet] host engine coupted to the security services and to the web server for 
providing to the client[ 5 base^wi the client privileges, an applet which] code that enables 
[I/O] communication wj#Ta selected service; and 

a keysafe for'storing [a] ke ys, each key for [establishing a connection] enabling 
communication^between the client and a respective [with the] service from the set of 
fly pilflH^ jgOTvices , . / 

*2. (Once amended) The system of claim 1, wherein the communications engine uses 
SSL to create a secure communications link with the client. 

*3. The system of claim 1 5 wherein communications engine negotiates an encryption 
protocol for transferring messages/o and from the client. 

*4. The system of claim 1 , wherein the communications engine uses public key 
certificates for transferring messages to and from the client. 

5. (Twice amended) ZThe system of claim 1, wherein the security services use public 
key certificates to authenticate a user of the client to determine the clien t privileges. 
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6. (Twice amended) The system |of claim 1, wherein the security services examine 
the [client] identity of a user of the client and the level of authentication to determine the 
client privileges. 

7. (Twice amended) The system of claim 1, wherein the security services examine a 
public key certificate to authenticate the client to determine the client privileges . 



8. (Twice amended) The system 
digital signature to authenticate the 



i >f claim 1, wherein the security services use a 
to determine the client privileges. 



cli ;nt 



(Twice amended) The system 
forwards to the client [a] security [a] 

Smi rily-p » ^ i i ill i hi iX^m ^l^yf^A 



of claiip^wherein the [servlet] host engine 
1] code for enabling the client to perform a 
o dourity a crvicc&r - 



10. (Twice amended) The system of claim 1, wherein one of the available services is 
secured by a firewall and one of the keys is configured to enable communication through 
the firewall. 



*11. (Once amended) The system 
protecting the system. 



12. (Twice amended) Thesysterp 
an address identifying the location o 



13. (Twice amended) Thesysteri 
provide[s] to the client a direct 



of claim 1, further comprising a firewall for 



of claim 1, wherein [the] one of the keys includes 
the selected service. 



of claim 1, wherein the [applet] code uses a key to 
connection with the selected service. 
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14. (Twice amended) The system 



communication] for communicating v ith the selected service, and wherein the [applet] 
code enables [I/O] the client to comm xnicate with the proxy and [the] one of the keys 



enables the proxy to locate the selecte I service. 




(Twice amended) A computei 



of claim 1, further comprising a proxy [in 



-based method comprising [the steps of]: 



establishing a communicatiorys link with a clienj 
determining client privileges^ 

enabling the client to select a service frpifi a set of available services, the set of 
available services based on the clieirt privileges: 

providing to the clientf, based on the client privileges, an applet which] code that 
enables [I/O] communication withfe^elected service; and 

retrieving a key from a sfet/of keys: each key corresponding to a respective service 
from the set of available sec^ices/the retrieved kev for [establishing a connection with] 
_enablmg^ mmunicatioirbetweeh tT^henrandthe-^^ 

* 1 6. (Once amended) The method of claim 15, wherein establishing a communications 
link includes the step of using/SSL to create a secure communications link with the client. 



* 1 7. The method of claim 15, wherein establishing a communications link includes the 



step of negotiating an encr 
client. 



* 1 8. The method of clain 
step of using public key 



19. (Once amended) Th; 
includes the step of using pul 



ion protocol for transferring messages to and from the 



15, wherein establishing a communications link includes the 
certificates for transferring messages to and from the client. 



method of claim 15, wherein determining client privileges 
lie key certificates to authenticate a user of the client. 
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of claim 15, wherein determining client privileges 
includes the step of examining [clienl] the identity of a user of the client and the level of 
authentication [to determine client privileges]. 



*21 . (Once amended) The method of claim 15, wherein determining client privileges 
includes the step of examining a public key certificate to authenticate the client. 

*22. (Once amended) The method of claim 15, wherein determining client privileges 
includes the step of using a digital /signature to authenticate the client. 

23. (Once amended) The method of claim 15, wherein establishing a communications 
link includes forwarding to the client [a] security [applet] code for enabling the client to 
perform a recognized security protocol. 

24. (Twice amended) The method of claim 15, further comprising the step of using 
[the] one of the keys to communicate through a firewall to the selected service. 

*25. (Once amended) The method of claim 15, wherein the method is performed by a 
server and further comprising using a firewall to protect the server. 

26. (Twice amended) The method of claim 15, wherein [the] one of the keys includes 
an address identifying the location of the selected service. 

*27. (Once amended) The method of claim 15, wherein providing includes the step of 
providing to the client a direct connection with the service. 



28. (Twice amended) pie method of claim 15, further comprising using a proxy [in 
communication] to communicate with the service, and wherein providing includes 
enabling [I/O] the client tq communicate with the proxy. 
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